1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Hackers are using fake Zoom or Microsoft Teams invites to spy on

    From TechnologyDaily@1337:1/100 to All on Mon Sep 1 17:30:09 2025
    Hackers are using fake Zoom or Microsoft Teams invites to spy on all your workplace activity

    Date:
    Mon, 01 Sep 2025 16:15:41 +0000

    Description:
    Be careful when installing remote desktop solutions - hackers are using them to spy on you without being spotted.

    FULL STORY ======================================================================Campaign
    targeted more than 900 companies with sophisticated phishing lures The goal was to deploy a remote monitoring and management tool Hackers are shifting goals and priorities and businesses must adapt

    More than 900 organizations have been targeted by a highly convincing
    phishing attack which sought to deploy a legitimate remote monitoring and management (RMM) solution and gain access to target endpoints without raising any alarms.

    A new report from security researchers at Abnormal claimed criminals would
    use compromised email accounts and conversation threads, AI-generated
    phishing pages, and would abuse legitimate file-sharing video conferencing platforms to spoof Zoom and Microsoft Teams with authentic-looking emails.

    The goal was to get the victims to install ConnectWise ScreenConnect, a legitimate IT tool repurposed for full remote access. Instead of stealing passwords, attackers lure victims into giving them administrator-level
    control over corporate systems. Once inside, they launch account takeovers, lateral phishing campaigns, and data theft while blending in with normal IT activity. Targeting education and religious groups

    Among the 900 companies attacked so far, the researchers found the majority were in education and religious groups (14.4%), healthcare and pharma (9.7%), and financial services (9.4%), with other industries like insurance, legal, retail, manufacturing, and tech, also being heavily targeted. Most victims
    are in the US, UK, Canada, and Australia.

    The attacks are powered by a dark web marketplace that sells ScreenConnect attack kits for a few thousand dollars, along with network access resold for $500$2,000.

    Some vendors even offer $6,000 custom packages with training and support, effectively turning ScreenConnect abuse into a RAT-as-a-Service business model.

    This campaign highlights a dangerous shift, Abnormal believes. Instead of breaking into systems, threat actors are now weaponizing trusted workplace tools to sidestep defenses.

    That is why businesses should adopt AI-powered email security, endpoint monitoring, zero-trust, and better staff awareness training, to counter these increasingly sophisticated threats. You might also like Everything you need
    to know about phishing Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/hackers-are-using-fake-zoom-or-microsof t-teams-invites-to-spy-on-all-your-workplace-activity


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)